Internet Security Specialists


Education and Training Requirements

High School

If you are a high school student and think you want to get into the Internet security industry, first and foremost you need to take computer science/programming classes. Don't just book learn, however. Hands-on experience is key and probably is what will get you your first job. Spend time in the school computer lab, learn how computers work, and dabble with the latest technologies. Look for volunteer opportunities with clubs or other organizations you belong to.

If you are interested in management or consulting, a well-rounded educational background is important. You should take classes in mathematics, science, and English. You may also want to take business classes to become familiar with the business world.

Postsecondary Training

Many universities and colleges have created various degree programs to address the growing need for trained Internet security professionals. People interested in the field can earn an associate's, bachelor's, or master's degree. You will be required to have a bachelor's degree at a minimum. Earning a master's degree of business administration in information systems may help you launch your own consulting business or become a manager at a large company.

Computer lab courses teach how to work with a team to solve problems and complete assignments—something that you will probably do in this field—especially in the consulting business. Programming requires an understanding of mathematics and algorithms. Law enforcement classes are also beneficial. By learning the mindset of the criminal, you can better protect your client or employer. Last, being versed in intellectual property law is important because you will be working with transmitting and protecting sensitive information as it travels to various locations.

Internships are the best way to gain hands-on experience. They offer real-life situations and protected work environments where you can see what Internet security is all about. Internships are not as common, however, mostly because of security problems that arise from bringing inexperienced young people into contact with sensitive, confidential information. You may be able to get an internship in a security department but not have access to sensitive information.


Some colleges and universities offer undergraduate and graduate certificates in Internet security, programming, and related areas. Contact schools in your area to learn about available programs.

The IEEE Computer Society offers certificates of achievement to those who complete the following security-related courses: Foundations of Software Security, Secure Software Design, Managing Secure Software Development, Cloud Governance and Security, and Secure Software Coding.

Other Education or Training

Professional associations and government agencies often provide continuing education (CE) opportunities to help Internet security specialists maintain their skills. Such opportunities are provided by the CERT Division, International Association of Computer Investigative Specialists, Information Systems Security Association, (ISC)², SANS Institute, Association for Computing Machinery, and the IEEE Computer Society. Contact these organizations for more information.

Certification, Licensing, and Special Requirements

Certification or Licensing

(ISC)² offers several certification designations to applicants who pass an examination and meet other requirements. Some of its designations include associate of (ISC)² (an entry-level credential), certified information systems security professional (CISSP), systems security certified practitioner, certified cloud security professional, certified authorization professional, certified secure software lifecycle professional,and healthcare information security and privacy practitioner. Many companies require candidates to earn the CISSP credential. Before you can become certified, however, the organization requires you to have five years of experience in the field and pass an examination. SANS Institute, Institute for the Certification of Computing Professionals, CompTIA, and vendors of Internet security software and other products also offer certification credentials.

The Internet is constantly evolving, and Internet technology changes so rapidly that it is vital for the Internet security specialist to stay on top of current technology. After all, if a hacker has knowledge of cutting-edge technology and can use it to break into a system, the security specialist must be trained to counter those attacks. Security specialists must be well versed in the same cutting-edge technology. Often, the vendor creating the most current technology is the best training source. In the future, the technology is likely to become more complex, and so is the training. Ideally, product certification coupled with a few years of hands-on experience qualifies you for advancement.

Other Requirements

It is not uncommon for those applying for security positions to be asked to undergo background checks or at least have their list of references closely interviewed to make sure the applicants are trustworthy individuals. In fact, many companies prefer to hire individuals who have been recommended to them directly by someone they know and trust.

Experience, Skills, and Personality Traits

Most employers prefer to hire candidates who already have at least two to three years of experience in the security field or one related to it. For example, if the company is looking for a database security specialist, it may consider a candidate who worked as a database administrator for two to three years. Many analysts have experience as a network or systems administrator.

For more senior or higher-level positions, or jobs at companies that are especially vulnerable or concerned with security, you may be required to have at least five years of experience and the certified information systems security professional credential from (ISC)².

You must enjoy working with computers and be driven to keep them secure. You must have an eye for detail, since a single overlooked detail can result in a security breach.

Communication skills are important because specialists often deal with management and try to sell them on the importance of security software. The ability to work well as a member of a team is also important because it often takes several specialists working together to address security issues. Other key traits include strong analytical and leadership skills, creativity, ingenuity and good problem-solving skills.